- This is certified documentation and is protected for editing by Zimbra Employees & Moderators only.

Problem

Prerequisites:

The user authentication is against AD.

Scenario:

AD administrator want to allow a vendor/client access to a few servers in his Active Directory domain. However, the AD administrator want to restrict access of these clients to only the servers they need access to? The solution to this is to use the Log On To... options in the user properties window:

Resolution

If you only allow the users to access the zimbra server and the machines to which they are restricted to, the users will receive invalid password error at login time. To fix the problem, you need to add the DC/s to the PCs that are allowed to be accessed. That is due to the fact, that the zimbra server must access the AD to authenticate the users.